Please do not open a public issue for security reports.

Use GitHub private vulnerability reporting for this repository (Security tab, "Report a vulnerability"), or contact the maintainer directly.

When reporting, please include:

• A description of the issue and its impact.
• Steps to reproduce.
• Any relevant version or environment details.

You can expect an acknowledgement within a few days. Please allow reasonable time for a fix before any public disclosure.

tripwire reads local configuration and process information and prints redacted findings. It never transmits scanned data anywhere. Reports about credential leakage in tripwire output, or about the tool reading data it should not, are especially welcome.